| Summary: | /usr/sbin/selocal: allow .te files in ~/.selocal to be symlinked | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Ondrej Famera <ondrej-gentoo> |
| Component: | SELinux | Assignee: | SE Linux Bugs <selinux> |
| Status: | RESOLVED FIXED | ||
| Severity: | enhancement | ||
| Priority: | Low | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | patch for /usr/sbin/selocal | ||
+ 04 Jul 2015; Jason Zaman <perfinion@gentoo.org> + +policycoreutils-2.4-r1.ebuild, policycoreutils-9999.ebuild: + bump of policycoreutils-extra, fixes bugs 544598, 517456, 517450 Thanks, works for me in policycoreutils-2.4-r1.ebuild, test below. selocal -m test -a "some selinux rule" mv /root/.selocal/test.te /root/repo/ ln -s /root/repo/test.te /root/.selocal/test.te selocal -m test -a "another selinux rule" =< policycoreutils-2.4 ls -l /root/.selocal/test.te /root/.selocal/test.te = policycoreutils-2.4-r1 ls -l /root/.selocal/test.te /root/.selocal/test.te -> /root/repo/test.te Great, thanks for testing. |
Created attachment 399834 [details, diff] patch for /usr/sbin/selocal Because selocal uses command 'mv' after invoking build of module it is not possible to symlink .te files. I have attached simple patch that solves this issue and allows to have symlinks like this: ~/.selocal/my_module.te -> /target/of/symlink.